Veracode is an application security company based in Burlington, Massachusetts. Founded in 2006, the company provides an automated cloud-based service for securing web, mobile and third-party enterprise applications. Veracode provides multiple security analysis technologies on a single platform, including static analysis, dynamic analysis, mobile application behavioral analysis and software composition analysis.

Wikipedia
Veracode
Veracode
Blog Post
  • We are in the midst of the fourth industrial revolution. Instead of steam machines or textiles, our economy is becoming ever more tied to technology. In order for our digital economy to thrive, we as a collective society need to have trust in our technology. Yet, the technology world has done very little to earn that trust. During RSA David Duncan, VP, Product Marketing and Mark McGovern, VP, Pro...

Veracode
Veracode
Blog Post
  • During the RSA conference Sam King, general manager of CA Veracode lead an engaging discussion with Art Coviello, former CEO of RSA and Robert Knake, senior fellow for cyber policy at the Council on Foreign Relations and senior research scientist at Northwestern University’s Global Resilience Institute. While the conversation touched on a variety of topics, the prevailing theme was on the need fo...

Veracode
Veracode
Blog Post
  • Open source component vulnerabilities have been a hot topic in the security industry as well as in the media. It used to be the main concern in software development was making sure you testing throughout the SDLC. While this is still a crucial part of making sure your software is secure, component security has grown in importance. As Tim Jarrett, Director of product management at CA Veracode expl...

Veracode
Veracode
Blog Post
  • Lance Spitzner, Director, SANS Institute The security skills gap is well documented. There just aren’t enough security professionals in the workforce to help secure our digital economy. Even if there were, scaling to the number of security professionals needed to create a comprehensive security program alone would not solve the security problem, especially in AppSec. During this talk, Lance Spitz...

Veracode
Veracode
Blog Post
  • RSAC 2018 kicked off today with DevOps Connect: DevSecOps Day @ RSAC 2018. This full day event featured speakers security vendors, security practitioners and development teams.  It was interesting to compare the perspectives of the security and development teams when it comes to software security. What was even more interesting was how similar their perspectives are, and to see them presenting on...

Veracode
Veracode
Blog Post
  • RSA 2018 is fast approaching, and all of us at CA Veracode are gearing up and getting ready. I’m excited to return this year, and looking forward to both sharing what’s new with us, and learning more about what others have been working on this year. Although the size of this conference can be overwhelming, bringing so many security professionals together creates a truly unique source of knowledge...

Veracode
Veracode
Blog Post
  • New research: Only 52% of developers using components in their apps update them when a new vulnerability is announced Open source components have gone mainstream. With every company undoubtedly becoming a software company, open source and commercial components are a vital element in developing applications at the speed of DevOps. But while they’re a powerful tool for adding features and functiona...

Veracode
Veracode
Blog Post
  • As software becomes a bigger component of the value delivered by companies in every industry, it’s no exaggeration to say that every company is becoming a software company. We find our customers pushing the envelope on how to tool up their internal software factory to make software better, faster and more efficiently. Those goals are also driving increased use of open source libraries. This saves...

Veracode
Veracode
Blog Post
  • Over the past year, our scans of thousands of applications and billions of lines of code found a widespread weakness in applications, which is a top target of cyber attackers. And when you zoom in from a big picture view down to a micro-level, there are a few industries that are struggling to keep up with the rapidly changing cybersecurity landscape and combat the tactics of malicious actors toda...

Veracode
Veracode
Blog Post
  • The life of a commercial software developer is a difficult one. Or at least we have to assume it is because of how many of them half-ass it when code starts to get complicated. Okay, maybe that’s unfair. Maybe it’s not all half-assing. It’s complicated. Literally. There’s many functions that are overly complex. They are so complex with so many variables and interactions as to be actually untestab...

Veracode
Veracode
Blog Post
  • There’s been a lot of talk and buzz about DevOps and DevSecOps, precipitated by mega technology trends and cybersecurity events shaping our industry. So my colleagues and I were excited to be part of a recent Virtual Summit on “Assembling the Pieces of the DevSecOps Puzzle,” which aimed to move the conversation from defining DevSecOps to enacting it. We are spending a lot of time helping our cust...

Veracode
Veracode
Blog Post
  • The marquee event of the security industry is fast approaching – the 2018 RSA Conference will take place in San Francisco April 16 to 20. This is a highlight of the year for all of us at CA Veracode, and we will have a major presence there, in part because of the sheer size of this event – both in terms of attendance and scale. It’s definitely the leading business-focused security show, and we kn...

Veracode
Veracode
Blog Post
  • Traditionally, most executives have thought of security as a necessary evil – an investment that was needed solely to avoid a bad outcome, but not something that would bring in new customers or boost revenue. But that seems to be changing. CA Technologies recently surveyed IT and business leaders to find out how well organizations are integrating security throughout the development process – a me...

Veracode
Veracode
Blog Post
  • For the fifth consecutive report, Gartner placed CA Veracode as a Leader in the 2018 Magic Quadrant for Application Security Testing1.  Gartner chooses leaders for the report based on a company’s completeness of vision and ability to execute in the application security testing (AST) market. In recent years, we’ve witnessed the rise in adoption of DevSecOps and Modern Software Factory approaches ...

Veracode
Veracode
Blog Post
  • Traditionally, security was about cost avoidance. It was thought of like insurance – something you have to have in case something bad happens, but not something that would boost the bottom line or attract customers. But in today’s environment, we are increasingly seeing that security is about more than cost avoidance; done right, it creates a competitive advantage. The results of a recent IDG sur...

Veracode
Veracode
Blog Post
  • Are you struggling to respond to customer and prospect concerns about the security of your application? Do you know what good application security looks like, or how to get there? CA Veracode is pleased to announce the CA Veracode Verified program. With CA Veracode Verified, you prove at a glance that you’ve made security a priority, and that your security program is backed by one of the most tru...

Veracode
Veracode
Blog Post
  • We talk a lot about the need for development teams to create security champions. With the shift to DevOps – and the intersecting of development, security, and operations teams – development and security teams can no longer operate in their traditional silos. Each team needs to not only work closely together, but also have a much deeper understanding of each others’ pains, processes, and prioritie...

Veracode
Veracode
Blog Post
  • Spring Break, the latest named vulnerability, is more serious than the moniker implies. Spring Break is a critical remote code execution vulnerability in Pivotal Spring REST, one of the the most popular frameworks for building web applications, and the effects of this vulnerability are widespread. A patch for Spring Break has been available since September of last year, but the vulnerability brok...

Veracode
Veracode
Blog Post
  • The complexities of developing secure software aren't lost on anyone in the business world. One tool development teams have used to adapt to today's challenging environment is software containers, which allow applications to run reliably on different platforms and systems.   Today, organizations use containers to address a wide range of development and testing tasks. What's more, as DevOps and ot...

Veracode
Veracode
Blog Post
  • The discussion surrounding which is superior – binary or source code scanning – has plagued the static analysis market since its inception. A source code scanner analyzes un-compiled code, whereas a binary scanner analyzes compiled code, but in the end, the result is the same. They are simply two engineering solutions for the same problem. However, as a fundamental part of vendors’ approaches to ...

Out-Market Your Competitors?

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account Log in

By signing up, you agree to the Terms of Service and Privacy Policy.

Out-Market Your Competitors

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account

Already a user?  Log in

By signing up, you agree to the Terms of Service and Privacy Policy.